thr3ads.net - Secure testing commits - [Secure-testing-commits] r2060

If this information is useful, please help other people find it:
Share via:

Florian Weimer

2005-Sep-21 03:51 UTC

[Secure-testing-commits] r2060 - data/CAN

Author: fw
Date: 2005-09-21 03:50:51 +0000 (Wed, 21 Sep 2005)
New Revision: 2060

Modified:
   data/CAN/list
Log:
CAN-2005-2662 and CAN-2005-2663 have been disclosed.


Modified: data/CAN/list
==================================================================---
data/CAN/list	2005-09-20 21:04:00 UTC (rev 2059)
+++ data/CAN/list	2005-09-21 03:50:51 UTC (rev 2060)
@@ -726,10 +726,12 @@
 	NOTE: not-for-us (elm-me+ is no longer in unstable or testing)
 CAN-2005-2664 (Whisper 32 1.16, and possibly earlier versions, stores passwords
in ...)
 	NOTE: not-for-us (Whisper)
-CAN-2005-2663
+CAN-2005-2663 [local file overwrite in masqmail, via a symlink attack]
 	NOTE: reserved
-CAN-2005-2662
+	- masqmail (unfixed; low; bug #329307)
+CAN-2005-2662 [shell command injection in masqmail via email addresses]
 	NOTE: reserved
+	- masqmail (unfixed; high; bug #329307)
 CAN-2005-2661
 	NOTE: reserved
 CAN-2005-2660

Secure testing commits - Sep 2005 - r2060 - data/CAN

[Secure-testing-commits] r2060 - data/CAN